Educause Security Discussion mailing list archives
Re: Anyone using SPF/SRS/SenderID ?
From: Andrew Daviel <advax () TRIUMF CA>
Date: Thu, 7 Jan 2010 18:40:32 -0800
On Wed, 6 Jan 2010, Ed Gibson wrote:
Hi Andrew We set our SPF record to hard fail approximately 6 months ago. We have seen a significant decline as far as our email addresses being spoofed for the purposes of SPAM delivery as a result.
As I was trying to work out with my examples, if we set SPF to hard fail, we'd be at the mercy of other organizations to use SRS for forwarding. We have a lot of researchers who come here for various periods, also staff from here who are working elsewhere. Generally they have email accounts both here and at their home institution (plus whatever personal accounts they may have), and often forward one to the other. Also, unless someone is terminated with prejudice, we often forward their email to their new institution when they leave (as one might do with surface mail). I don't have a good idea of how widespread support for SRS or "resent-from" is among the academic community, if we break traditional forwarding by hard-failing SPF. E.g. AFAIK they are not hard-coded in current sendmail, but require external milters and configs. DKIM looks interesting, as Jesse points out. I guess I'll take a look at that too. On the receiving side, we aren't bouncing SPF failures but use the built-in scoring in SpamAssassin. I had been whitelisting (in the SpamAssassin sense) .edu IP blocks as being generally OK, until a recent rash of Squirrelmail compromises. I also started using http://www.emailreg.org/ DNSWL, though found that one of the compromised .edu sites had listed themselves :-/ -- Andrew Daviel TRIUMF
Current thread:
- Anyone using SPF/SRS/SenderID ? Andrew Daviel (Jan 05)
- <Possible follow-ups>
- Re: Anyone using SPF/SRS/SenderID ? Jesse Thompson (Jan 06)
- Re: Anyone using SPF/SRS/SenderID ? Ed Gibson (Jan 06)
- Re: Anyone using SPF/SRS/SenderID ? Jesse Thompson (Jan 07)
- Re: Anyone using SPF/SRS/SenderID ? Andrew Daviel (Jan 07)
- Re: Anyone using SPF/SRS/SenderID ? Jesse Thompson (Jan 08)